CVE-2016-9601
Debian Security Advisory 3817-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.
ghostscript, en versiones anteriores a la 9.21, es vulnerable a un desbordamiento de búfer basado en memoria dinámica (heap) descubierto en la función de ghostscript jbig2_decode_gray_scale_image, que se usa para descifrar segmentos halftone en una imagen JBIG2. Un documento (PostScript o PDF) con una imagen jbig2 embebida y especialmente manipulada podría desencadenar un fallo de segmentación en ghostscript.
Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly disclose sensitive information. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-11-23 CVE Reserved
- 2017-03-24 CVE Published
- 2024-08-06 CVE Updated
- 2025-05-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://git.ghostscript.com/?p=jbig2dec.git%3Ba=commit%3Bh=e698d5c11d27212aa1098bc5b1673a3378563092 | X_refsource_confirm | |
| http://www.securityfocus.com/bid/97095 | Third Party Advisory | |
| https://bugs.ghostscript.com/show_bug.cgi?id=697457 | Issue Tracking | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9601 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/201706-24 | 2023-11-07 | |
| https://www.debian.org/security/2017/dsa-3817 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Artifex Search vendor "Artifex" | Gpl Ghostscript Search vendor "Artifex" for product "Gpl Ghostscript" | < 9.21 Search vendor "Artifex" for product "Gpl Ghostscript" and version " < 9.21" | - |
Affected
| ||||||
| Artifex Search vendor "Artifex" | Jbig2dec Search vendor "Artifex" for product "Jbig2dec" | <= 0.13 Search vendor "Artifex" for product "Jbig2dec" and version " <= 0.13" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||